36a1fed175471c00f7748f51deeace63_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

36a1fed175471c00f7748f51deeace63_JaffaCakes118
Size

17KB
MD5

36a1fed175471c00f7748f51deeace63
SHA1

ee7dc8acaf8f380c744fbbbe262495e273944a1f
SHA256

696e24b155e60e2878d74f58daec543584571fee825ca81061492eb1ed0929a9
SHA512

fad703683a6daea6fd44e1214e720c572e6f44a7959678e458a24aa36f2c84ae84f27b0f3d705fd48465999dc5043c955af228c33e82977ec3940230deabbcc8
SSDEEP

192:6EJZPZfRU+b09ULo7QqEa9zJijVaa4XN5QyJkw+Tb9s3CelXwIsv:pZPtRU+AYPstijca4XXZGPKZsv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
36a1fed175471c00f7748f51deeace63_JaffaCakes118

Files

36a1fed175471c00f7748f51deeace63_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6f526319b2071a4a1e082d18d36d1ea3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForMultipleObjects
SuspendThread
GetSystemDefaultLangID
CloseHandle
GetVersion
GlobalUnlock
GetTickCount
GetStdHandle
GetModuleHandleA
WaitForSingleObject
CompareFileTime
SetConsoleCP
HeapCreate
GetCommandLineA
OpenMutexA
HeapReAlloc
lstrlenA
GetAtomNameA
GetConsoleCP
VirtualProtect
InterlockedExchange

user32

DragObject
FindWindowA
CopyImage
GetKeyboardLayout
CreateCursor
EnableScrollBar
CreateMenu
MessageBoxA
InsertMenuA
DispatchMessageA
CreateIcon
GetCursorInfo
DrawCaption
GetDlgItem
SetScrollInfo
IsDialogMessage
DestroyMenu
DialogBoxParamA
SetWindowPos
InvertRect
GetKeyState
DispatchMessageA
SetPropA

advapi32

RegQueryInfoKeyA
RegCloseKey
RegCreateKeyExA
RegEnumKeyA
RegEnumValueA

uxtheme

GetThemeColor

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ